skills/ori-kim/cli-proxy/clip-skills/Gen Agent Trust Hub

clip-skills

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes an external CLI tool clip to perform file system management tasks. These include creating skill scaffolds, moving directories into a central registry (~/.clip/skills/), and managing YAML-based group configurations.
  • [COMMAND_EXECUTION]: The utility facilitates the installation of prompt templates into specific AI agent directories (such as Claude Code or Cursor) via symlinking or copying, which effectively manages the active skills available to those agents.
  • [PROMPT_INJECTION]: The skill defines a template rendering mechanism where inputs are substituted into templates using {{ inputs.param }} syntax. This creates a surface for indirect prompt injection if untrusted user input is supplied to the rendering engine.
      • Ingestion points: The clip skills get command in SKILL.md accepts user-defined inputs for substitution into prompt templates.
      • Boundary markers: No delimiters or boundary markers for untrusted input are described in the rendering or installation instructions.
      • Capability inventory: The skill performs file system modifications, including moving external directories and symlinking files into agent-specific skill directories across multiple platforms (SKILL.md).
      • Sanitization: There is no indication of input sanitization or validation before interpolation into the prompt templates.
Audit Metadata
Risk Level: SAFE
Analyzed: May 9, 2026, 05:24 PM